Privacy Ref Blog by Tag

Tag "Legal Requirements" returned 13 posts

Most of the broadcast news over the past few nights has understandably focused on Hurricane Sandy and the aftermath. However, it was another story that caught my attention because of the use of personal information by law enforcement. It reminded me that with all the privacy concerns we struggle over that there are times when the collection and use of personal information has a redeeming social (or consumer) value.Continue reading this post…

Consumers, both business and individual, not only expect your organization to have a privacy policy, they also expect you to regularly train your staff, enforce the policy, and assess the overall health of the privacy program.. A company’s privacy policies, processes, and oversight reflect how the organization is responding to the responsibility of protecting personal information their customers have provided. Larger organizations have teams in place that ensure that the customers’ privacy expectations are met; for SMBs this can be a challenge.Continue reading this post…

TD Bank has notified their customers of a data breach through the loss of a backup tape. Initial reports have said that the tapes contain the account information and Social Security numbers of more than 267,000 customers on the US East Coast. The tape was not encrypted so, while the bank is unaware of any misuse of the information, anyone who does obtain the tape could easily read the information it contains.

I was with some TD Bank customers the day the data breach was acknowledged. There were two comments made that I hear anytime a breach occurs so I wanted to share them to help you protect your brand image in the event of a data loss.Continue reading this post…

On our last webinar (as of this writing) I discussed how a company can handle data subject’s rights requests under GDPR. Many of these requests are going to require attention, such as those ‘right to be forgotten’ requests. Others may seem daunting but can be handled easily and may not require any direct participation from your end.
Continue reading this post...